Use SIM card as hardware wallet

Hi Magicians,

The SIM card can be used to store wallet keys; it would be like metamask through the SIM card, a SIMgap solution to utilize SIM hardware chip to secure the private keys.

PoC

A SIM card with a custom Java SIMgap applet that uses the STK (SIM Tool Kit) menu to ask for user PIN to confirm signature requests

Android APP using Android built-in APIs to construct requests to the SIMgap applet

iOS APP using BIP (Bearer Independent Protocal) to request the SIMgap applet for performing transactions.

Motivation

On mobile phones, software wallets are convenient to use but potentially insecure and cumbersome to move to a new device; hardware wallets, while secure, are expensive or requires additional cables or hardware if not unsupported at all.

The SIM card seems like a perfect solution: a piece of secure hardware controlled by the user that is always in the phone and can be moved between devices.

Next Steps

Try for an EIP to define the standard between the SIM and APP.

12 Likes

Hey, it’s great, I like to hear you would implement secure hardware wallet solution and you have done PoC. Including you will try to propose EIP to define the standard between the SIM and APP and I would like to hope coming soon.

Have you considered using something like a TPM or Secure Enclave as well? This is something that a considerable amount of modern devices have built into the hardware and extend outside of the phone compute environment.

1 Like

Great idea. Just wondering why there is no giant like Apple, or Samsung doing this. it should be super easy for them to integrate this.

1 Like

funny, some months ago I thought about this exact thing.
I wouldn’t go as far as saying it’s perfect, but it is a nice to have option.

it was a bit difficult researching the subject, it also seems that information like IMSI is encoded by the manufacturer and is kept in a database. other information like contacts is readable from the mobile device, so that’s no good. I’m not sure if there’s a trivial way to encode a key securely on a SIM.

the other option mentioned here is secure enclaves, Trusted Execution Environment (TEE), etc.
I wonder if existing wallets already implement this?

1 Like